Forum Discussion

Militza's avatar
Militza
Icon for Nimbostratus rankNimbostratus
Nov 07, 2024

HSTS is not working.

Hi there,

 

We have one irule is configured on VIP which is redirecting to maintenance page if user access the wrong url on that page HSTS is not working but if we access the right url then HSTS is working. We have enabled HSTS in http profile and that is attached to the same VIP with irule. Is there any way to enable HSTS on maintenance page or any remediation to fix that issue.

 

 if { $DEBUG } { log local0. "TEST - Source IP address: [IP::client_addr]" }

   switch -glob $uri_ext {
      "/httpfoo*"  {set uri_int [string map {"/httpfoo" "/adapter_plain"} $uri_ext]}
      "/httptest*" {set uri_int [string map {"/httptest" "/adapter_plain"} $uri_ext]}
   
      default     {
         HTTP::respond 200 content [ifile get ifile_service_unavailable_html]
         set OK 0
      }
   }

 
Many thanks in advance.

  • HTTP::respond 200 content [ifile get ifile_service_unavailable_html] " "Strict-Transport-Security" "max-age=16070400"

    You must set the HSTS header in your HTTP response manually.